public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: "Jeremy Spilman" <jeremy@taplink•co>
To: bitcoin-development@lists•sourceforge.net
Subject: Re: [Bitcoin-development] Area of Focus
Date: Sat, 20 Dec 2014 03:14:28 -0800	[thread overview]
Message-ID: <op.xq5yue2cyldrnw@laptop-air> (raw)
In-Reply-To: <20141220100816.GD7902@giles.gnomon.org.uk>

On Sat, Dec 20, 2014 at 08:57:53AM +0000, Matt Corallo wrote:
>> There was recently some discussion around dnsseeds. Currently some
>> dnsseeds are getting blocked by ISPs because the hosts they pick up
>> (which run bitcoin core nodes) often run rather web servers alongside
>> which serve malware or whatever else and thus end up on IP-based malware
>> blacklists.

On Sat, 20 Dec 2014 02:08:17 -0800, Roy Badami <roy@gnomon•org.uk> wrote:
> Why would we want to have anything to do with people who are hosting
> malware?  Or do I misunderstand?

It sounds like Matt is saying the nodes the dnsseed is pointing to as  
valid full nodes, that those IPs are hosting the malware. Since the  
dnsseed picks up any stable nodes it can find without auditing, it's  
perhaps not surprising some servers in the world are running a full node  
and a malware server together.

I guess what confused me about this though, how are ISPs reading the  
dnsseed's node list, scanning *those* IPs for malware, and then ending up  
blocking the dnsseed? Seems like a pretty winding path to end up blocking  
a DNS server?

Since when do ISPs null-route a DNS server for happening to resolve some  
domains to IPs which happen to also be hosting some malware? Null-route  
those endpoint IPs sure, but the DNS server too? I guess there was that  
incident of Microsoft taking over No-IP.com -- are dnsseeds being blocked  
ostensibly because they are acting as dyanamic DNS infrastructure for  
malware sites?




  reply	other threads:[~2014-12-20 12:15 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-12-20  7:42 Will Bickford
2014-12-20  8:57 ` Matt Corallo
2014-12-20 10:08   ` Roy Badami
2014-12-20 11:14     ` Jeremy Spilman [this message]
2014-12-20 21:20       ` Matt Corallo
2014-12-20 21:30       ` Gregory Maxwell
2014-12-20 18:27   ` Christian Decker
2014-12-20 21:26 ` Jeff Garzik
2014-12-20 22:37   ` Will Bickford

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=op.xq5yue2cyldrnw@laptop-air \
    --to=jeremy@taplink$(echo .)co \
    --cc=bitcoin-development@lists$(echo .)sourceforge.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox